CVE-2021-41390
8.0 HIGHIn Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV ...
Published: 2021-09-17 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 8.0 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- CWE
- CWE-74
Affected products
| Vendor | Product |
|---|---|
| ericsson | enterprise_content_management |
Description
In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2025-59174 — Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending a large volume of speciall... (6.5 MEDIUM)
- CVE-2026-25659 — Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an... (6.5 MEDIUM)
- CVE-2026-25658 — Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an... (6.5 MEDIUM)
- CVE-2026-25657 — Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure (CWE-228) vulne... (6.5 MEDIUM)
- CVE-2021-41391 — In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerable to stored... (5.4 MEDIUM)
Same CWE
- CVE-2026-12223 — A vulnerability was identified in Yealink SIP-T46U 108.86.0.118 (5.5 MEDIUM)
- CVE-2026-12219 — A flaw has been found in Yealink SIP-T46U 108.86.0.118 (6.3 MEDIUM)
- CVE-2026-12206 — A vulnerability was identified in Grit42 Grit up to 0.11.0 (6.3 MEDIUM)
- CVE-2026-12197 — A security flaw has been discovered in Ruijie EG105G-P 2.340 (7.2 HIGH)
- CVE-2026-12188 — A vulnerability was detected in Grit42 Grit up to 0.11.0 (6.3 MEDIUM)